Birmingham City University (BCU), in partnership with Covatic, has unveiled groundbreaking research to protect AI models from cyber threats.

AI models are now integral to high-stakes industries like healthcare and autonomous vehicles. These systems exhibit high accuracy in analysing images, often surpassing human performance at quicker rates. However, they remain vulnerable to deceptive or adversarial attacks – malicious attempts to deceive AI systems by subtly altering input data.

One such method, known as a ‘black-box attack’, allows cyber attackers to test an AI model repeatedly to gather intelligence and find ways to manipulate its decisions. This could allow an AI-powered self-driving car to misread a stop sign as a speed limit sign; or misdiagnose a patient based on the images it’s provided.

Groundbreaking research from BCU, which was recently published in Expert Systems with Applications, has introduced a new defence mechanism for these AI models. By applying simple and random image adjustments – like rotations or resizing – before processing, the AI system becomes more resilient to deception and manipulation. 

Compared to regular adversarially trained AI models with no defence, image adjustments saw a 21% improvement in competitive performance and compared to other defence methods such as Random Noise Defence, the margin of improvement increased to between 2.3-4.6% on different AI systems.

Atif Azad, professor of artificial intelligence at BCU, said: “As AI plays a bigger role in critical areas like healthcare and self-driving technology, addressing security risks is essential.

“This research takes an important step toward making AI systems more resilient against cyber threats.”

Dr Umar Daraz, director of innovation at BCU, said: “We are incredibly proud to be working with our partners from Covatic. 

“It’s a relationship that has grown to encourage cutting-edge research on AI, data, and cyber security solutions, and has helped to create new jobs in the West Midlands. This research will form part of Covatic’s advertising industry applications, which are used by millions of people already.

“The collaboration has been built on our common goals of innovation and supporting local companies by designing, developing, and introducing new tools that were seeded locally, but could have international impacts.”

Birmingham-based Covatic, is the leading provider of privacy-first audience solutions, and helps companies improve targeted advertising while protecting users' privacy.

Nick Pinks, CEO at Covatic, shared his enthusiasm for the collaboration, stating “At Covatic, we are committed to staying at the forefront of technology. This breakthrough has helped us stress-test and better secure our machine learning algorithms from malicious attacks.

“Our CTO, James Holyhead, worked closely with the BCU team on this project, reflecting our dedication to advancing future technologies, particularly in the advertising industry.”

Covatic

Covatic helps online publishers, media companies, and brands better target advertising while protecting their users' privacy. Our platform allows them to identify and address their entire audience without cookies or personal identifiers. It wor...

More about Covatic »

Powered by PressBox